Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
File:                     nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft (raw, json)
Hash identifier:          CVq/vbn9cZnjoJMbSxW46zmsw6elgZGp3J55LyH+Goc=
Subject key identifier:   D9:A7:36:21:E4:E2:6A:2F:51:86:8C:B1:6D:ED:ED:3E:8B:EB:65:DA
Authority key identifier: 9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF
Certificate issuer:       /CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
Certificate serial:       019D3909CD8D7716AF9154F7DEDF2A63CEEB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
Manifest number:          181D
Signing time:             Sun 29 Mar 2026 10:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:36 +0000
Files and hashes:         1: nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl (hash: PBKm4QAeuWziZEDm3Z85TOalTZKFTvczCOZeVSpLJjE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:cd:8d:77:16:af:91:54:f7:de:df:2a:63:ce:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
        Validity
            Not Before: Mar 29 10:00:36 2026 GMT
            Not After : Mar 30 10:00:36 2026 GMT
        Subject: CN=d9a73621e4e26a2f51868cb16deded3e8beb65da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:82:d7:c4:a8:88:80:f5:08:dc:75:a5:af:c7:
                    fb:52:d5:21:3a:6d:33:b9:67:8f:17:43:fb:1c:f0:
                    aa:60:d5:59:5d:35:d1:f0:14:e9:62:4c:5d:93:aa:
                    44:0d:f5:5a:59:5c:77:be:64:df:c1:96:de:55:39:
                    ea:b7:47:ab:6e:5c:45:f3:55:6e:92:76:43:90:18:
                    66:42:b8:6b:c5:51:77:76:04:c2:7d:34:54:b3:f1:
                    9d:17:ec:8c:38:ad:e4:fa:ea:f8:6a:0d:9f:fd:3f:
                    87:dc:43:2f:74:0d:4c:34:b3:c0:09:1b:ed:9d:56:
                    5b:d6:6e:23:29:e7:b8:86:b8:78:c0:27:c9:29:89:
                    64:79:77:ea:5a:33:b0:e7:00:00:13:11:b5:90:15:
                    fd:bd:0b:25:c0:2c:a5:7f:53:52:03:c2:fa:fd:9b:
                    c1:fc:d2:3f:58:b3:a4:28:4e:75:70:c7:bc:d3:a2:
                    04:73:09:52:20:d8:2a:7a:90:99:4c:fe:20:3d:39:
                    d2:3f:f5:9d:cc:81:7f:94:9c:58:41:19:49:a6:37:
                    58:8a:34:cf:be:fd:38:de:5b:e4:9a:6c:80:80:b5:
                    37:39:ec:06:4e:84:af:60:05:77:08:c4:db:e5:82:
                    d7:3f:30:5a:28:89:3f:e9:bd:a7:b4:79:3a:c4:50:
                    88:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:A7:36:21:E4:E2:6A:2F:51:86:8C:B1:6D:ED:ED:3E:8B:EB:65:DA
            X509v3 Authority Key Identifier:
                keyid:9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:cb:ad:4a:b1:f2:28:4f:f6:aa:c0:5e:87:f7:14:b1:ef:3e:
         ae:1c:15:51:f2:aa:e5:e4:07:48:86:14:23:20:b2:e6:63:ab:
         95:77:8d:c5:b4:46:dc:92:84:bf:c1:3f:54:36:86:54:8b:33:
         73:6c:9c:7a:bb:6b:3a:26:3b:b9:86:db:f7:54:84:0b:2f:b7:
         d6:e2:82:6a:58:8d:ef:4d:98:23:43:2b:c5:cd:7a:af:4e:55:
         f6:18:5c:d8:78:21:5c:fc:5c:6c:ae:e1:6d:a5:0d:e7:9a:7f:
         9f:d6:a2:c0:02:eb:01:f5:88:49:94:26:a9:84:9e:62:5e:7e:
         ba:1d:0e:c2:a8:20:f6:cd:60:df:ef:e6:fd:e3:e9:69:f3:c1:
         8b:75:62:d5:ce:fe:4a:9c:c0:90:e3:86:e9:2e:26:2b:5d:50:
         45:ee:5c:cb:4a:b9:46:11:11:29:61:68:e3:46:f4:8d:d0:07:
         08:e5:a4:5c:36:ba:28:e9:c3:4c:cd:f9:2a:2c:1b:9d:6b:03:
         c1:3b:9b:92:d4:bb:92:53:dd:57:a7:ad:9d:e8:c6:d9:ad:87:
         a6:ae:12:5e:b2:08:96:12:ef:09:05:83:14:ab:b3:f3:e1:a8:
         72:82:1d:32:44:1f:a3:1c:6c:63:1e:67:2f:32:03:63:4b:a9:
         75:ce:0d:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cc2NdxavkVT33t8qY87rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzk5NjY4NjNkODJmYThiZDFjYTM5MzY5MDVmYTFlMjRh
OWEwYmYwHhcNMjYwMzI5MTAwMDM2WhcNMjYwMzMwMTAwMDM2WjAzMTEwLwYDVQQD
EyhkOWE3MzYyMWU0ZTI2YTJmNTE4NjhjYjE2ZGVkZWQzZThiZWI2NWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ILXxKiIgPUI3HWlr8f7UtUhOm0z
uWePF0P7HPCqYNVZXTXR8BTpYkxdk6pEDfVaWVx3vmTfwZbeVTnqt0erblxF81Vu
knZDkBhmQrhrxVF3dgTCfTRUs/GdF+yMOK3k+ur4ag2f/T+H3EMvdA1MNLPACRvt
nVZb1m4jKee4hrh4wCfJKYlkeXfqWjOw5wAAExG1kBX9vQslwCylf1NSA8L6/ZvB
/NI/WLOkKE51cMe806IEcwlSINgqepCZTP4gPTnSP/WdzIF/lJxYQRlJpjdYijTP
vv043lvkmmyAgLU3OewGToSvYAV3CMTb5YLXPzBaKIk/6b2ntHk6xFCIOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmnNiHk4movUYaMsW3t7T6L62XaMB8GA1UdIwQY
MBaAFJ85lmhj2C+ovRyjk2kF+h4kqaC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjIt
MGIxZDA5NDk4NTM0LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjItMGIxZDA5NDk4NTM0
LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANcutSrHy
KE/2qsBeh/cUse8+rhwVUfKq5eQHSIYUIyCy5mOrlXeNxbRG3JKEv8E/VDaGVIsz
c2ycertrOiY7uYbb91SECy+31uKCaliN702YI0Mrxc16r05V9hhc2HghXPxcbK7h
baUN55p/n9aiwALrAfWISZQmqYSeYl5+uh0Owqgg9s1g3+/m/ePpafPBi3Vi1c7+
SpzAkOOG6S4mK11QRe5cy0q5RhERKWFo40b0jdAHCOWkXDa6KOnDTM35KiwbnWsD
wTubktS7klPdV6etnejG2a2Hpq4SXrIIlhLvCQWDFKuz8+GocoIdMkQfoxxsYx5n
LzIDY0updc4Nig==
-----END CERTIFICATE-----